This has all been quite a discussion! I wanted to clarify a few
things:
* <insert lawyer joke here> [1]
* Some of the statements made in this discussion rely on legal
assertions that aren't quite right. [2]
* As others have pointed out, every part of Conservancy's approach to
enforcement is designed to take risk away from companies out of
compliance. [3]
* I'm really glad that people are thinking about these issues. [4]
* Over time, regardless of what individual Linux copyright holders or
Conservancy do, others will bring law suits that will impact the
kernel. [5]
Conservancy spearheads a coordinated[6] and downright timid approach,
codifying our principles so that companies out of compliance can hold us
to them. We merely represent some kernel developers in exercising their
rights. We do this because we think it's right, and we re-evaluate this
together with our coalition at every step. And we do so in a coordinated
and litigation-avoiding style. I only proposed the KS session after
getting encouragement from several prominent kernel developers (and
given that there was precedence for such a legal-related discussion
[7]).
I want proper time for everyone to reflect on what has been said on this
thread and to provide well thought out feedback in whatever forum is
comfortable for them.
We propose to have this discussion in many different venues and places
over the next six months (whether or not there's an official session at
KS and whether or not we are there to participate if so). Bradley and
I will each be present at a lot of conferences and events over the next
six months. At any of these events where people are interested, we'll
host sessions in whatever format is appropriate to meet with Linux
developers and stakeholders to discuss Conservancy's enforcement
activities, to get feedback, and incorporate the ideas we hear into our
work and strategies. We'll post summaries of the meet-ups (to the
extent we can and still respect requested confidentiality) to our
principles mailing list[8].
Conservancy will be less active on this thread in the future. Obviously
we can't respond to every single criticism on every list, anyway.
Developers from our coalition are already participating and likely will
continue to do so directly.
Also, I'd be remiss if I didn't mention that Conservancy has tons of
other work to do, supporting its member projects (many of which are
permissively licensed btw), Outreachy[9] and a number of other important
initiatives like our employment agreement project, providing good
copyleft educational materials and solving the nonprofit accounting
problem.
karen
[1] I admit, the legal profession isn't the best... I maintain my legal
credentials, but other than teaching classes for other lawyers I'm not
primarily in that role anymore. (I do continue as a volunteer and give
legal advice to FSF and GNOME as my free time permits - not much this
past weekend after following this whole thread, haha!) As Executive
Director of Conservancy, I rely on other lawyers for Conservancy's
legal work. Not being able to see the source code to a device that is
literally sewn into my body and screwed into my heart gives me a
slightly different perspective on software freedom and has caused me to
contribute anyway I can, even if I haven't coded in years. I appeal for
the copyleft generally on safety, security and business reasons. I
also admit that while I have a pretty thick skin, I was somewhat taken
aback by the not-so-veiled threat of disbarment. FWIW, lawyers can hold
public or quasi-public sessions without automatically running afoul of
legal ethics. There is a long list of attorneys active in the field who
have presented at free and open source software events about myriad
topics.
[2] IAAL (though my primary work role is no longer in legal capacity)
but TINLA. I cannot point all of these out for obvious reasons.
[3] When we contact them one of the first things they see are the ways
we commit to making the process comfortable for them. This is true for
anyone who researches who we are and finds the Principles on our site.
The Principles not only talk about law suits as a last resort, but
provide the much more generous termination provisions, giving first-time
violators automatic restoration if the violation is fixed in a timely
fashion. We also respect confidentiality from companies who we believe
have a chance of doing the right thing, because while Linus may enjoy
taking a public potshot at a company out of compliance, I know from some
companies first hand that this is the singular thing that makes them
most nervous about committing to the kernel. There's a real fear that
even if they come into compliance they'll exposed to liability by some
other rightsholder in some jurisdiction somewhere.
[4] I don't think that a publicly archived list is the best venue for
it. Also, some of the developers in our coalition have strong beliefs
but soft voices.
[5] The majority of law suits in the last couple of years have not been
from anyone in Conservancy's coalition. Obviously, there are the suits
brought by Patrick, but there's also Versata/Ameriprise/Ximpleware in
which the GPL got caught in unrelated cross-fire. Whether or not the
kernel community wants to participate in law suits, courts will surely
wind up having GPL-related issues brought before them, and the results
of those cases will apply to the kernel as well. Info on the Versata
case is here:
https://opensource.com/law/14/7/lawsuit-threatens-break-new-ground-gpl-and-software-licensing-issues
[6] We try to coordinate with anyone active in the space who is willing
to coordinate with us. This incidentally has included rogue enforcers,
industry lawyers and anyone who does work to understand the copyright
status of the kernel (btw, in an early post, I said we coordinated with
dmg when I really meant 'gave feedback on big picture issues and tried
to coordinate' with the work LF is funding. They have graciously
listened to our comments, but I want to be clear that Conservancy has
not been invited to participate or collaborate in the project in any
way.)
[7] The Q&A I proposed was not intended as a negotiation or an attempt
to provide legal advice to anyone. In fact it was not dissimilar in
character from the session Karen Copenhaver (lawyer to Linux Foundation)
led with Keith Bergelt in 2009.
[8] https://lists.sfconservancy.org/mailman/listinfo/principles-discuss
which we launched last year to discuss the Principles of
Community-Oriented GPL Enforcement.
[9] I note that Outreachy itself has around 10 paid interns per year for
the kernel, and apparently "ranked #13 for contributions to the Linux
kernel during the last cycle" for organizations.
https://www.linuxfoundation.org/announcements/linux-foundation-releases-development-report-highlighting-contributions-to-linux
Thanks to everyone on this list who mentored and supported these
interns.